IT Strategic Plan - San Francisco Police Department : Home
Download
Report
Transcript IT Strategic Plan - San Francisco Police Department : Home
PresentationTitle
City and County of San
Francisco Police Department
Information Technology Strategic Plan
31 May 2007
Engagement: 221255031
Table of Contents
Overview of Project Objectives and Methodology
Current Environment Overview:
3
─ Key Organizational Data & Drivers/Challenges
10
─ IT Environment and Services
15
Operational and Infrastructure Requirements
26
Key Findings and Assessment
31
Recommended Initiatives and IT Service Delivery Organization
37
Five-Year Road Map
45
Scope, Objectives, and Description of Initiatives
─ IT Infrastructure Upgrade
47
─ IT Service Delivery and Governance
63
─ RMS/CMS/LIMS, EIS, and Patrol Car Data Access
70
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 2
Overview of Project Objectives &
Methodology
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 3
SFPD IT Strategy Project Objectives
Review current applications and infrastructure and determine
opportunities for improvement to support Department performance
management and decision making.
In addition to the current records management automation initiative, what are additional
needs in headquarters and in the field?
What are potential application and technology risk areas?
Are applications and supporting infrastructure aligned to meet current and future needs of the
SFPD?
Assess current IT infrastructure, applications, and service delivery.
Are there additional technology solutions needed to facilitate effective management reporting
and decision making?
Will the various data collection and management reporting applications meet growing and
emerging constituent demands?
Are current systems consistent with industry best practices for seamless integration of
workflow and data?
Are current IT service delivery and processes adequate to meet short and long term
Department needs?
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 4
SFPD IT Strategy Project Objectives
Develop short and long term recommendations to address potential gaps
in the following areas:
Applications and supporting infrastructure
Information security and disaster recovery
Management and performance measures reporting systems
IT services and service delivery
IT management processes and governance
IT project management
IT investment management
Develop roadmap to implement prioritized recommendations.
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 5
Information Technology (IT) Strategy
A Definition
An IT strategy articulates clear vision and objectives and sets a roadmap to attain
and maintain the strategy. The IT strategy should:
─ Support existing business/operational priorities and enable achievement of new priorities.
─ Be anchored in core values and principles and balance visionary thinking with pragmatic
operational realities.
─ Provide an initial statement of direction to guide activity in all aspects of IT.
─ Be an on-going process that needs continual refinement.
Business/Operations
Strategy
IT Strategy
Solutions
Strategy
IT strategies should
always be driven by the
business/operations
strategy
Delivery
Strategy
Drives
Enables
“Doing the
Right
Things”
Leading organizations
leverage IT to enable new
and different business
strategies
“Doing
Things
Right”
Organization
Governance
Processes
Business Solutions
Architecture
Communications
Roadmap
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 6
IT Strategic Planning
Gartner Methodology for IT Strategic Planning
4
Business/
Operational
Strategy
Develop HighLevel Target
Architecture Plan
1
Summarize Strategic
Business/Operational
Direction
3
2
Develop HighLevel IT
Direction
Conduct IT
Assessment and
Gap Analysis
6
Develop
Migration
Approach &
Roadmap
5
Develop Target
Service Delivery
Model
Technology
Trends
December 2006 to May 2007
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 7
7
Develop
Communications
Plan and Obtain
Broad Consensus
Project Phases
1. IT Project Planning and Initiation
2. Business/Operations and IT Environment Discovery
─ Conduct Business/Operational-Focused & IT-Focused Interviews
3. Summarize Strategic Business/Operational and IT Directions
─ Conduct Workshop for Business/Operational Directions and IT Implications
─ Conduct Workshop for IT Strategic Directions and Guiding Principles
4. Conduct IT Assessment and Gap Analysis
─ Assess Alignment of Current IT Initiatives and Portfolio
─ Assess IT Management and Governance Capabilities
─ Assess IT Infrastructure
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 8
Project Phases (Cont)
4. Develop Target IT Environment and Service Delivery
─ Develop High-Level Target Technical Architecture
─ Conduct Workshops for Target IT Environment, Service Delivery Needs, and IT
Governance
5. Develop IT Strategic Roadmap and Define IT Support Structure
─ Conduct Strategic Recommendations and Prioritization Discussion
─ Further Define IT Service Delivery Resources
─ Develop IT Roadmap & Communications Recommendations
─ Prepare Final Report and Presentations
─ Conduct Final Briefings and Presentations
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 9
Current Environment Overview
Key Organizational Data & Drivers/Challenges
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 10
Key Organizational Data
Total FY 2006-2007 Budget: $368M
Number of Staff (Budgeted): 2700+
─ Approximately 2100 Sworn Officers
Number of Incident Reports:
120,000 per year
─ By Service Area:
Staffing By Service Area
Patrol
Number of Emergency
Communications Dept. (ECD)
Calls:
Investigations
Operations &
Administration
1,000,000 per year
Airport
Other
Average Per Shift: 800 Sworn Officers & Civilians
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 11
Key Organizational Data:
IT Budget (estimated)**
2006-2007
Budget
% of IT
Budget
$5,527,848
58.6%
Other Non-Salary MIS Budget
$ 2,080,216
22.1%
MIS Staffing (14 FTEs)
$ 1,817,403
19.3%
DTIS Work Order
─ ISD Computers - $2,984,978
─ Telephones: $1,504,694
─ 911 - $650,013
─ Citywatch – $ 39,677
─ Off-Budget $348,486
Sub-total
$9,425,467
Project-Based: RMS Project Team (7 FTEs)
$
749,378
**Total Project Budget: $5.29 Million, excluding SFPD staff costs.
DTIS Work Order: Carry forward Grant – Security System
TOTAL
$11,722,282
**Note: IT Budget figures exclude Airport Bureau.
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
$1,547,437
31 May 2007
Page 12
Key Organizational Drivers/Challenges
External Drivers
Public and political expectations for
accountability and performance
measures
Partner agencies’ (e.g., CA DOJ)
expectations in information sharing
and communications capabilities
Increased constituent demand for
information (e.g., crime statistics,
location) and services
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 13
Key Organizational Drivers/Challenges
Internal Drivers
Changing workforce due to retirements and
growth needs, e.g., annual hiring projection
of 250 officers
Policy-intensive procedures and processes
requiring individual accountability
Limited funding and resources for
information technology support and
capabilities
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 14
Current Environment Overview:
IT Environment and Services
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 15
IT Environment: Functional
Current Applications/Databases
Major Enterprise-wide
Applications (SFPD/Public
Safety Specific)
Major Enterprise-wide
Applications
(City-wide)
Other Applications Used by
Multiple
Bureaus/Divisions/Units
CAD (i-CAD; e-CAD)
PeopleSoft HRMS (Public Safety): Scheduling;
Interface to CAD
IRS: Incident Reporting System
CABLE
Intranet Web Page
CLETS/NCIC (owned/managed by CA DOJ)
Lotus Notes: E-Mail Functionality Only
PeopleSoft HRMS
FAMIS
AFIS; Live Scan; TRAK; Crime Mapping; Mug
Shots; Voice Box; Pen-Link; Cal-Photo; CARS
(CHP); PID
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 16
IT Environment: Functional
Current Applications/Databases (Cont)
Bureau/Division/Unit Specific
Applications & Databases
External Facing Applications
Field Operations: Multiple Traffic DBs, including DABOR DB;
UCF Software; Radio and Video Storage Applications; National
Incident Management (system in development)
Investigations (Property/Personal/Juvenile & Family
Services/Narcotics & Vice): Fraud Chronology DB; Multiple
Narcotics/Vice DBs; Homicide DB; Sexual Predator DB;
Robbery DB; Gang Task Force DB
Investigations (Forensic Services): DNA Analysis DB; Firearms
Tracking DB; Lab Information Mgmt. System
Administration: Backgrounds DB; Firearms Training DB; Other
Training/Academy DBs to track training and POST records; Use
of Force DB (Word); EEO DB (Excel); Firearms Tracking DB;
IKON (Imaging); Inventory and Asset Management (IT);
Facilities Mgmt Tracking DB; Claims and Suits (Excel);
Laserfiche (Support Services)
Airport: Intergraph CAD/RMS; Personnel/Training DB
Citizen Website
CopLogic (External System)
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 17
IT Environment: Functional
Current Applications/Databases (Cont)
Other
UCS Report Writer: Being Used as Word Processor
Tiburon RMS: Limited RMS functionality – captures CAD
incidents transfers
CARS (owned by OES; data sent to CARS from CAD –
SFPD does not have direct access to CARS data).
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 18
IT Environment: Technology Inventory*
Personal Computers
Server Environment/Mainframe
SFPD has approximately 1,250 Personal Computers.
─Desktops – 1,150
─Laptops – 100
SFPD supports roughly 45 servers at HOJ, with additional servers
located at non-HOJ locations.
CABLE as well as city-wide applications used by SFPD (e.g.,
payroll, City HRMS system) are located at DTIS data centers (Turk
St., and 1 Market St.).
DTIS has the primary responsibility for managing the mainframe
and server environments.
Inventory Age*
< 5 Yrs Old
5-10 Yrs Old
10+ Yrs Old
Unknow n
* The age of the Operating System is used as a proxy for the system age
Network
Other
Patrol stations are connected to HOJ through the wide area
network (WAN), which is managed by DTIS.
Most remote offices have T1 connections which, in some cases,
carry voice and data transmissions.
Local area networks (LANs) and standalone servers, which are not
connected to the WAN, are scattered across the department.
SFPD has over 550 printers.
* All inventory analysis was based on SFPD’s reported inventory. Inventory
figures exclude Airport Bureau, whose IT is funded and managed separately.
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 19
IT Environment: Technology by Bureau*
Inventory by Bureau
─
─
─
Administration and Investigations have relatively equal number of computers,
approximately 470. Field Operations has a smaller number, approximately 310.
The number of printers assigned to each bureau ranges from 160 to 210.
There are a limited number of laptops within the department; Investigations has
the highest number, with approximately 85.
500
450
400
350
300
250
200
150
100
50
0
Admin.
Field Ops.
Invest.
Laptops
Desktops
Printers
3500
Inventory Weighted by Bureau Staffing
─
─
3000
Administration has the highest inventory of PCs and printers, when adjusted for
number of bureau staff.
Field Operations has significantly fewer PCs and printers, when adjusted for
number of bureau staff.
2500
Admin.
2000
Field Ops.
1500
Invest.
1000
500
0
Computers
Printers
Age of Personal Computer Inventory by Bureau
─
─
Administration has the highest percentage of PCs, which are less than 5
years old.
Roughly 60% of Field Operations’ Personal Computers are over 10 years old.
Invest.
Unknow n
< 5 Yrs Old
Field Ops.
5-10 Yrs Old
10+ Yrs Old
Admin.
* All inventory analysis was based on SFPD’s reported inventory. Inventory
figures exclude Airport Bureau, whose IT is funded and managed separately.
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
0%
31 May 2007
Page 20
20%
40%
60%
80%
100%
IT Environment: Average Patrol Station*
35
Patrol Station Inventory
─
─
30
An average patrol station has 24 desktop computers and 14
printers.
Southern, Mission, Northern, and Taraval have 25 or more PCs.
Park has the fewest number of PCs.
25
Personal Computers
20
Printers
15
10
5
ic
hm
on
d
So
ut
he
rn
Ta
ra
va
l
Te
nd
er
lo
in
Pa
rk
R
en
tra
l
In
gl
es
id
e
M
is
si
on
N
or
th
er
n
C
Ba
yv
ie
w
0
Inventory Age
─
─
─
Approximately 75% of PCs are more than 5 years old.
Up to 5 different versions of Windows are currently in use within
one station.
Taraval and Northern have the highest percentage of PCs, which
are less than 5 years old.; Tenderloin and Park have the highest
percentage of PCs, which are older than 10 years old.
Tenderloin
Taraval
Southern
Richmond
Unknown
<5 Yrs
Park
5-10 Yrs
Northern
>10 Yrs
Mission
Ingleside
Central
Bayview
0%
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 21
20%
40%
60%
80%
100%
IT Roles and Responsibilities
Desktop/Printer Support &
Maintenance
SFPD
DTIS
Some service support
requests are made directly to
SFPD IT Staff. Per DTIS, it
receives calls from SFPD MIS
to log issues into DTIS help
desk ticket system.
Service support requests via E911 help
desk.
Comments
•
Desktop installations are
performed by SFPD, DTIS or an
outside contractor (based on
resource availability).
•SFPD
is responsible for
procurement of desktops, printers,
and other similar devices.
•
SFPD is responsible for
configuration management &
maintenance.
Server Administration and
Maintenance
SFPD MIS primarily supports
Wintel servers that are used
for distributed computing.
DTIS provides server support for the
applications that it maintains (HRMS,
CABLE, iCAD).
Server support is also provided by
external vendors for iCAD and
eCAD.
Network Communications
Infrastructure Support
Responsible for the SFPD
LANs. (e.g., security, software
distribution and patch
management).
Responsible for citywide WAN; provide
some LAN support (e.g., routers and
switches); responsible for wireless
network including public safety radio
system.
LAN = Local Area Network – is
generally the responsibility of the
Department
Responsible for user ID and
password management,
desktop management, and
LAN management.
Responsible for citywide security
management pertaining to enterprisewide infrastructure.
In general, responsibility for
security is split between SFPD
MIS and DTIS, based on what IT
components that each maintains.
For example, DTIS is responsible
for security for the WAN and
SFPD is responsible for security
for the LAN.
Security
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 22
WAN=Wide Area Network – is the
responsibility of DTIS.
IT Roles and Responsibilities (Cont’d)
SFPD
Disaster Recovery
DTIS
Offers this service for the
applications that it maintains
(hosts).
Comments
DTIS disaster recovery site is in Colorado.
Data Center Operations
Generally does not support
traditional data center related
operations but supports those
servers that are used for office
automation functions such as file
and printer sharing. Those
servers are located in HOJ.
Provides operational support for the
CABLE and HRMS servers that
host SFPD applications. These
servers are in data centers located
in Turk St., One Market Place, and
HOJ.
Application Support
SFPD MIS provides support for
applications that it maintains,
such as IRS (current incident
reporting system).
DTIS provides support for
applications that it maintains, such
as the Public Safety PeopleSoft
HRMS and CABLE.
Includes services, such as application
maintenance & development.
IT Service Desk
Some service requests are made
directly to SFPD IT Staff.
Depending on priority of issue, access to
second level support is limited outside of
standard business hours.
E911 help desk is primary contact
for public safety users. This is
staffed 24X7.
DTIS has 4 help desks, which it is
proposing to consolidate, based on
a recent Controller audit.
Project Management
Provides project management of
department-specific initiatives
such as the New World System
records management project.
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
Supports SFPD projects but is
responsible largely for managing
citywide projects.
31 May 2007
Page 23
IT Resource Allocation
Ongoing Operations Support and Project Support
SFPD and DTIS reported a total of 27 resources allocated to supporting SFPD operational needs.
In addition, there are eight (8) SFPD resources supporting the RMS project.
Operations
SFPD
DTIS
Comments
Desktop/Printer Support &
Maintenance
2.5 FTEs
1.0 FTE
All FTEs are co-located at HOJ. Supports
approximately 1,250 client devices.
Server/Mainframe
Administration and
Maintenance
1.75 FTEs supporting 56
WinTel servers for print
and file sharing primarily.
5.5 FTEs total (1.0 for
Unix support and 2.5 for
mainframe support, 2 for
Wintel).
Server support is also provided by external
vendors for iCAD and eCAD.
Local Area Network
1.75 FTEs
4.5 FTEs
DTIS 911 Help Desk supports all public safetyrelated departments 24X7, i.e., three shifts. Other
Help Desk exists for CABLE application support.
1.5 FTEs
SFPD resources are considered “super users” that
support management reporting requests.
Help Desk
Application Maintenance
& Support – HRMS, IRS
2.0 FTE
Mainframe support is included.
DTIS resources provide maintenance &
development support.
Application Maintenance
& Support – CABLE and
CLETS coordination.
2.5 FTEs
Project Management and
Administration
2.5 FTEs
Total Allocation
13 FTEs
1.5 FTEs
DTIS resources are generally focused on
maintenance functions. No additional functionality
is being developed for CABLE.
Includes full time management of MIS section,
telecommunications management, and
management of LAN/desktop resources.
14 FTEs
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
Does not include external service provider
contracts, and DEM-related resources.
31 May 2007
Page 24
IT Environment/Services: Airport
Technology Infrastructure
─ LAN (Local area network) maintained by SFPD Airport Bureau.
─ Airport ITT provides support for network connectivity outside of Airport Bureau
switches.
Services
─ The majority of IT support services (e.g., help desk; application support &
maintenance) provided by 3 FTE SFPD resources.
In process of developing work order with DTIS to provide application support services that
are currently being provided by SFPD resources.
SFPD:
PeopleSoft HRMS
SFPD Airport
Bureau:
San Mateo
County Sheriff:
CAD; RMS
CLETS; RMS
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 25
Operational and Infrastructure
Requirements
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 26
Criteria for Prioritization of Operational Requirements
Over 150 SFPD stakeholders participated in defining high level
operational requirements in December 2006. These requirements
were documented in detail, and discussed with SFPD’s leader
team.
Requirements were prioritized based on the following principles:
─ Align requirements with core mission/values
SFPD Statement of Values:
Highest Priority is the Protection of Human Life
─ Identify requirements with greatest impact on organizational capabilities
─ Incorporate foundational dependencies (infrastructure)
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 27
Operational Requirements
Common Themes
Workplace and Office Automation Support
─ Streamline communication processes
For example, use of electronic mail for transmission/confirmation
of directives.
─ Facilitate access to critical data sources
For example, integrated law enforcement and justice databases.
─ Provide the tools necessary for each role and responsibilities
For example, sufficient access to computer workstations/printers,
which allow officers to efficiently complete their reports.
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 28
Operational Requirements
Common Themes (Cont)
Core Mission and Operational Support
─ Provide consistent and robust access to critical officer safety
information
For example, ease of access to CLETS information.
─ Facilitate effective information sharing among various divisions
For example, integration of data, which is currently stored in
multiple, standalone databases and systems.
─ Seamless (and paperless) workflow to support due diligence
processes (e.g., incident and arrest reports, traffic reports, evidence
tracking, evidence disposal, and records management), with a focus
on reducing paperwork workload for patrol officers.
─ Provide decision making and performance reporting tools necessary
to support departmental needs
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 29
Infrastructure Requirements
Common Themes (Cont)
Provide sufficient access to robust, consolidated workstations
─ For example, officers able to use single workstation to access
multiple applications, including e-mail and the Internet.
Provide the network infrastructure required to support operational
requirements
─ For example, enabling the access to/ sharing of data across the
department, including in mobile units.
Strengthen the management of information security across the
department
Strengthen department-wide implementation of disaster recovery
processes
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 30
Key Findings
and Assessment
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 31
Key Findings and Assessment
Alignment to Strategic Goals
and Directions
Current applications and technical infrastructure will not meet
long term Department needs.
Workplace and Office
Automation Capabilities
Access to capabilities is not consistently available throughout the
department (e.g., e-mail).
Communication and data/document exchange within the
department, as well as with the public and partner agencies, is
often challenging given limitations in automation tools.
Insufficient access to robust computer workstations/printers
impacts officer efficiency (e.g., increased time spent on
completion of incident reports).
Real-time data is not easily accessible across the department, for
use by officers in the field as well as for purposes of analysis and
reporting.
“Shadow” and manual functions are in place to meet day-to-day
needs for information (e.g., patrol, training, investigations).
Concerns raised regarding records management system (RMS)
deployment plans.
Core Mission and Operations
Support
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 32
Key Findings and Assessment (Cont)
IT Maintenance and Refresh
Cycle
Data Communications
Infrastructure
Backup and Recovery
Planning is underway to replace aging personal computer
devices (e.g., desktops).
Application performance and infrastructure-related security
issues would be addressed through consistent technology
refresh processes.
Concerns raised regarding overall robustness of communications
infrastructure to support current and future (e.g., RMS
deployment) needs.
Planning is underway to upgrade Hall of Justice (HOJ) network
infrastructure.
Concerns raised regarding ability to successfully recover data
should current department HRMS fail. Planning is underway to
upgrade HRMS, however, requires further scope and resource
definition.
Some risks due to inconsistent levels of disaster recovery and
back-up support for department data. Efforts are underway to
address these risks.
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 33
Key Findings and Assessment (Cont)
IT Service Delivery
Consistent concerns raised in end-to-end delivery of IT services
(including training), except for Airport Bureau IT services.
IT Help Desks
Formal and informal avenues available for resolving computer
related issues.
Single point of contact established (i.e., 911 help desk) and
funded by public safety departments.
Impression is that informal avenues (i.e., who you know)
generally works better than formal channels.
Department of Telecommunications and Information Services
(DTIS), the Department’s primary provider of IT services is
undergoing three-year transformation initiative.
IT service delivery roles and responsibilities have been
augmented over the years with use of internal SFPD resources.
Opportunities exist to further delineate roles and responsibilities
and formalize service level objectives, including accountability for
security and disaster recovery.
Delineation of Roles and
Responsibilities
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 34
Key Findings and Assessment (Cont)
IT Project Management
IT Decision Making and
Governance
IT Budget
Limited clarity in project scope, benefits, schedule, resources,
dependencies, and budget.
Stakeholder buy-in and change management are areas requiring
further focus.
Decision making process is unclear to most department
stakeholders, particularly those in day-to-day operations.
Some efforts underway to define criteria for making decisions on
IT operational and project-related issues.
Cost of IT services and resources currently cannot be tightly
linked to benefits and outcomes.
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 35
Key Findings and Assessment (Cont)
Using workload and staffing input provided by SFPD and DTIS, Gartner assessed the current IT staff
allocation by comparing the current IT staff allocation with peer averages in the Gartner benchmarking
database. In addition, Gartner validated the results from our benchmarking database with first-hand
information from similar law enforcement organizations.
Help Desk Support
Desktop Support
Help Desk resources appear high and need to be further reviewed.
Gartner would anticipate ½ FTE total to support the SFPD-specific help
desk needs, based on total annual number of help desk tickets for
2006 provided to Gartner.
Total FTE of 3.5 shows under-staffing in this area. Peer comparison
shows need for 6 FTEs.
LAN Support
Server Support - UNIX
Server Support - WinTel
Server Support - Mainframe
Total FTE of 1.75 is below peer comparison point of 2.5 FTEs.
Current FTE allocation to support the Unix environment appears
slightly higher than the peer group.
Current FTE allocation of 3.75 to support the Wintel environment is
lower than the peer group comparison of 6.0 FTE.
Current FTE allocation to support the mainframe environment
appears slightly higher than the peer group of 1.5 FTEs.
Applications Support –
As a result of the uniqueness of the Department’s CABLE and
CABLE, HRMS, CrimeMapping HRMS applications, Gartner was not able to identify a suitable peer for
comparing FTE allocation.
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 36
Recommended Initiatives and
Supporting IT Service Delivery
Organization
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 37
Foundational and Strategic IT Initiatives
Discussed on January 31, 2007
1. Strengthen IT Infrastructure
─ Future State Architecture
─ Desktop Upgrade
─ Back Office Server Upgrade
─ Network Rationalization
─ Security And Disaster Recovery
2. Enhance IT Governance and Decision Making
3. Optimize IT Service Delivery and Processes
4. Implement Integrated Records Management and Case Management
Capabilities (RMS/CMS)
─ Integrated Document Management
─ Photos, Video
5. Implement Early Intervention System (EIS)
6. Increase Access to Critical Data in Patrol Cars
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 38
Linking Strategic IT Goals and Initiatives
“Winning the Race”
Strategic IT Goals/
Initiatives
Continue to Focus on
Operational Effectiveness
and Officer Safety
Improve Communications
and Information Sharing
#1: IT Infrastructure
#2: IT Governance
#3: IT Service Delivery
#4: RMS and CMS
#5: EIS
#6: Mobile Data Computing
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 39
Increase Ability to Manage
Operational Performance
Key Recommendations
IT Service Delivery
Tactical recommendations
─ Stabilize the desktop computing and LAN environment.
─ Current resources are working on day-to-day support as well as
deployment of new desktops. The deployment of 550 new desktops
should be sourced externally (e.g., DTIS or external contractor).
─ Gartner recommends four (4) additional resources to focus on this
service area.
─ Clarify service level objectives with DTIS for Help Desk, applications
support, and WAN. Reallocate FTEs as needed.
Foundational recommendations
─ Consolidate all SFPD internally sourced IT services reporting to a
single manager (i.e., chief information officer).
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 40
Key Recommendations (Cont’d)
IT Service Delivery
Foundational recommendations (Cont’d)
─ Over time, discontinue practice of using sworn officers in providing
day-to-day IT technical infrastructure support.
─ Consider using sworn officers for project-specific tasks
Functional scope definition
Training manual development and training
Functional and integration testing
Organization change management agents/leaders
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 41
Key Recommendations (Cont’d)
IT Service Delivery
Foundational recommendations (Cont’d)
─ Establish and sustain four (4) new positions:
Department Chief Information Officer
Three business analysts
─ Continue use of external service providers for
One-time needs (e.g., project management) or
Needs that require specialized expertise (e.g., strategic planning)
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 42
Key Recommendations (Cont’d)
IT Service Delivery
Strategic Recommendations
─ Over a two-year period, adopt an IT service delivery model that
optimizes the Department’s ability to determine, manage, and
sustain effective operational processes through improved
technology capabilities.
─ Maintain an in-house structure to develop and manage external
service provider (ESP) relationships, e.g., DTIS and outsourced
contracts.
Driving IT innovation in
5
business and aligning
IT strategy
4
3
2
1
Outsourced to ESPs
Supporting business
change initiatives
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 43
Supplying and supporting the
infrastructure
Embedded
in SFPD
business
Key Recommendations (Cont’d)
IT Service Delivery
Strategic Recommendations (Cont’d)
─ Mature IT service delivery to ensure that end-to-end processes are
well-established and repeatable, and outcomes can be effectively
measured. See illustration below.
─ Make decision making processes regarding sourcing of IT resources
(e.g., in-sourced, DTIS, or outsourced) an integral part of the
Department’s ongoing IT governance processes
Process
"Green"
Step 1
Step 2
Step 3
Structure
Structure
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 44
Result
?????
Not This!
Result
This!
Five Year Road Map
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 45
Foundational and Strategic IT Initiatives
Three to Four Year Road Map
Initiative
H2 06 H1 07 H2 07 H1 08 H2 08 H1 09 H2 09 H1 10 H2 10 H1 11 H2 11
Initiative #1 – Infrastructure Upgrade,
(including DR and Security)
-1a Establish Desktop Standards
-1b Upgrade Desktops
-1c Upgrade Servers
-1d Address Network
-1e Address Security & DR
Initiative #2 - IT Governance and Investment
Management
Initiative #3 - IT Organization and Service
Delivery Model
Initiative #4 – Integrated RMS and CMS
Initiative #5 - EIS Implementation
Initiative #6 - Patrol Car Access
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 46
IT Infrastructure Upgrade
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 47
Develop SFPD Future State Architecture
Scope and Objectives
Develop SFPD technology architecture to support strategic technology vision as articulated in IT Strategic Plan
Determine technology platform standards, including components such as computer hardware, software applications,
network standards, middleware, messaging, etc.
Develop governance process for deploying standards and for managing exceptions
Sponsor/Execution Responsibilities
Sponsor: SFPD Senior Leadership
Project Manager: TBD
Time Frame
3 Months
Key Activities
Create program office and identify program manager accountable for achieving SFPD future state vision for technology
and architecture, including roll-out of new RMS system, new standard email, etc.
Identify project manager that is accountable for ensuring completion of the technology architecture in support of the
future state vision as identified in the IT Strategic Plan. This project manager will be accountable to the Program
manager responsible for development of standard selections for all SFPD technology components, as well as for
developing a process for managing exceptions to the standards
Develop SFPD IT Architecture to support SFPD IT Strategic Plan and obtain commitment from leadership,
stakeholders, and participants
Publish SFPD IT Architecture and component standards
Publish governance process for decision making regarding deployment of new technologies at SFPD (see IT
governance initiative)
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 48
Develop SFPD Future State Architecture
Organization Implications
Development of a departmental architecture for SFPD will require coordination amongst architecture team members
representing multiple disciplines, technologies and functions
The City is implementing a City-wide technology architecture that will include provision for Departmental technology
architectures that are specific to individual City departments such as SFPD. There are de-facto standards already inuse by SFPD and these must become part of the City’s technology architecture
All SFPD key stakeholders, IT staff, and leadership must agree to be bound by the architecture standards developed as
a result of this initiative
Technology Considerations
In order to ensure success of subsequent roll-out/deployment of information technology, avoid unplanned outages and impacts to
department business functions, SFPD must select technology solutions that are compatible with current and future technical
components employed by the department. As such, the development of an enterprise technical architecture is foundational to
subsequent infrastructure related initiatives. Standards must be established for technology components such as:
Platform and storage components such as Desktop Workstations, laptops, and PDAs, Enterprise Servers, Mid-range Servers,
Enterprise OS, Mid-range OS, Storage Area Networks, etc.
Data Management Technologies including Enterprise RDBMS, Extract/Transfer/Load Tools, Data Cleansing Tools
Enterprise Systems Management tools such as Job Schedulers and Storage Management utilities
The Enterprise Technology Architecture combines five key disciplines for ensuring that technology enables the business:
Enterprise Architecture—links IT strategy to IT execution across the enterprise
Enterprise Information Management—ensures that data/content environment enables the business’s information needs
Solution Architecture—ensures that solutions address process/data/technology requirements
Enterprise Solutions—leverages Business Process Reengineering (BPR)-based solutions to transform the business
Infrastructure Management—ensures that technology infrastructure deployed (networks, security, servers, desktops) enables all
the above
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 49
Develop SFPD Future State Architecture
Risk Factors
Mitigating Factors
Need cooperation from several different organizations
and technical disciplines
Need buy-in and commitment from department leadership
and all IT stakeholders to establish a common set of
technology standards
There are several in-progress initiatives that will result in
de-facto standards due to the technology choices having
already been made.
Work with City IT architects to develop standard
architecture
Employ solid project management discipline
Determine which de-facto standards will be retired or
contained over time, which ones will need to be
supported
Cost Factors
1 FTE for project management and coordination for
project duration
16-20 hours for each SFPD team member involved in
architecture development workshops
Critical Success Factors
Strong program and project governance required to
ensure success of this initiative
Commitment from leadership, key stakeholders, and all
project participants will be required in order to achieve
goals and objectives
Adequate budget and resources
$125K to 150K external consulting
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 50
Desktop Upgrade
Scope and Objectives
Upgrade department PC workstations to support future state
Upgrade PC software to levels supportable by software vendors
Upgrade desktop clients to enable use with new RMS system
Ensure that security considerations for the desktop are satisfied, including antivirus, anti-spam, disaster recovery,
etc.
Sponsor/Execution Responsibilities
Sponsor: SFPD Senior Leadership
Project Manager: TBD
Time Frame
Describe Time Frame: 3 Months
Key Activities
Create program office and identify program manager accountable for achieving SFPD future state vision for technology
and architecture, including roll-out of new RMS system.
Identify project manager that is accountable for ensuring completion of the desktop upgrade project and for meeting all
requirements (business and technology) associated with this effort. This project manager will be accountable to the
Program manager responsible for implementation of the SFPD future state vision and will coordinate with other project
managers and technical leads, as appropriate.
Develop detailed implementation plan and schedule; obtain commitment from leadership, stakeholders, and participants
Assemble desktop project team and implement desktop upgrade.
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 51
Desktop Upgrade
Organization Implications
Coordination of team members representing multiple disciplines, technologies and functions will be required in order to
build a team that will function as a cohesive unit
Sourcing of desktop upgrade, installation, and support functions must be considered.
Extensive training will be required for end users, as well as the SFPD Service Desk, in order to ensure successful
deployment
Scripts will need to be developed for the SFPD Service Desk to enable rapid troubleshooting and problem resolution
Security for the desktops should be managed and administered centrally in order to ensure consistently of operation
Technology Considerations
Desktop images for all workstations that will be used to access RMS, CLETS, E-mail, and other future state applications will need
to be upgraded to levels of the Operating System (OS) software that are currently supported by the manufacturer
All program products and desktop software applications, whether Commercial off the Shelf (COTS) or in-house developed, will
need to be certified for use with the new OS. This includes anti-virus, firewall, anti-spam, anti-spyware, 3rd-party client and other
desktop and server-based software packages
Server software will need to be upgraded in order to support the upgraded desktop environment and the upgrades of both
environments will need to be coordinated so as to minimize system downtime and subsequent impact to end users
Network traffic between servers and desktops will need to be regularly monitored with response times and performance measured
at the end user desktop. Network utilization will increase along with demand for bandwidth-intensive services such as digital
imagery, streaming video feeds, etc. The network may need to be upgraded in phases, as these anticipated demands are
realized
Good software configuration management and change control procedures and tools will be required to maximize system
availability and minimize disruption
System backup and recovery will need to be addressed for all servers and desktop computers
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 52
Desktop Upgrade
Risk Factors
Potential for suboptimal coordination between multiple
resources from different organizations or technical
disciplines
Schedule and timing of all supporting activities
Potential for insufficient network bandwidth at some
locations where transaction volumes are exceptionally
high
Mitigating Factors
Employ solid project management discipline
Simulate network utilization during pilot implementation
phase; continue to monitor network utilization as new
desktops are rolled out; phase upgrade network circuits
as necessary
Cost Factors
1 FTE for project management and coordination for
project duration
$250K to $400K for one-time costs
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
Critical Success Factors
Strong program and project governance required to
ensure success of this initiative
Commitment from leadership, key stakeholders, and all
project participants will be required in order to achieve
schedule and budget requirements
Adequate budget and resources
31 May 2007
Page 53
Back Office Server Upgrade
Scope and Objectives
Upgrade and Install Servers required to support future state
Deploy the City-wide Email standard for all SFPD personnel (maintained by DTIS)
Upgrade server software to levels supportable by software vendors
Ensure that security considerations for servers are satisfied, including antivirus, anti-spam, disaster recovery, etc.
(Note: It is assumed that server upgrades/installations to enable new RMS system will be performed by RMS
project/initiative)
Sponsor/Execution Responsibilities
Sponsor: SFPD Senior Leadership
Project Manager: TBD
Time Frame
Describe Time Frame: 3 Months to coincide with Desktop
upgrade
Key Activities
Create program office and identify program manager accountable for achieving SFPD future state vision for technology
and architecture, including roll-out of new RMS system and standard Office suite.
Identify project manager that is accountable for ensuring completion of this initiative and for meeting all requirements
(business and technology) associated with this effort. This project manager will be accountable to the Program
manager responsible for implementation of the SFPD future state vision and will coordinate with other project managers
and technical leads, as appropriate.
Develop detailed implementation plan and schedule; obtain commitment from leadership, stakeholders, and participants
Assemble desktop project team and implement server upgrades.
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 54
Back Office Server Upgrade
Organization Implications
Coordination of team members representing multiple disciplines, technologies and functions will be required in order to
build a team that will function as a cohesive unit
Sourcing of server upgrade, installation, and support functions must be considered.
Training will be required for system administrators and system users, as well as the SFPD Service Desk, in order to
ensure successful deployment
Scripts will need to be developed for the SFPD Service Desk to enable rapid troubleshooting and problem resolution
Security for the servers should be managed and administered centrally in order to ensure consistency of operation
Technology Considerations
Images for all servers that will be used to access RMS, CLETS, and other future state applications will need to be
upgraded to levels of the Operating System (OS) software that are currently supported by the manufacturer
All program products and other software applications, whether Commercial off the Shelf (COTS) or in-house developed,
will need to be certified for use with the new OS. This includes anti-virus, firewall, anti-spam, anti-spyware, 3rd-party
client and other server-based software packages
Server software will need to be upgraded in order to support the upgraded desktop environment and the upgrades of
both environments will need to be coordinated so as to minimize system downtime and subsequent impact to end users
Network traffic between servers and desktops will need to be regularly monitored with response times and performance
measured at the end user desktop. Network utilization will increase along with demand for bandwidth-intensive
services such as digital imagery, streaming video feeds, etc. The network may need to be upgraded in phases, as
these anticipated demands are realized
Good software configuration management and change control procedures and tools will be required to maximize
system availability and minimize disruption
System backup and recovery will need to be addressed for all servers and desktop computers
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 55
Back Office Server Upgrade
Risk Factors
Potential for suboptimal coordination between multiple
resources from different organizations or technical
disciplines
Schedule and timing of all supporting activities
Potential for insufficient network bandwidth at some
locations where transaction volumes are exceptionally
high
Mitigating Factors
Employ acceptable project management discipline
Simulate network utilization during pilot implementation
phase; continue to monitor network utilization as new
desktops are rolled out; phase upgrade network circuits
as necessary
Cost Factors
1 FTE for project management and coordination for
project duration
TBD
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
Critical Success Factors
Strong program and project governance required to
ensure success of this initiative
Commitment from leadership, key stakeholders, and all
project participants will be required in order to achieve
schedule and budget requirements
Adequate budget and resources
31 May 2007
Page 56
Network Rationalization
Scope and Objectives
Document network current state capability and performance
Rationalize future state network requirements, including RMS roll-out, etc.
Determine sourcing for on-going network services and support
Sponsor/Execution Responsibilities
Sponsor: SFPD Senior Leadership
Project Manager: TBD
Time Frame
Describe Time Frame: 12 Months
Key Activities
Identify project manager that is accountable for ensuring completion of this effort. This project manager will be
accountable to the Program manager responsible for implementation of the SFPD future state vision and will coordinate
with other project managers and technical leads, as appropriate
Develop detailed implementation plan and schedule; obtain commitment from leadership, stakeholders, and participants
Assemble project team and perform tasks associated with this initiative
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 57
Network Rationalization
Organization Implications
Coordination of team members representing multiple disciplines, technologies and functions will be required in order to
build a team that will function as a cohesive unit
Sourcing of network services in consideration of the SFPD future state must be determined.
Technology Considerations
Network traffic patterns and transaction volumes
Network response times and performance measured at the end user desktop.
Network utilization impacts due to demand for bandwidth-intensive services such as digital imagery, streaming video
feeds, etc.
Emerging or future state network technologies
Potential role of VoIP (Voice over IP)
Strategies for phased implementation of new or improved network technologies or capabilities
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 58
Network Rationalization
Risk Factors
Mitigating Factors
Competing priorities for resources and/or funding
Ensure that network rationalization is considered as
precursor to roll-out of RMS and other SFPD future state
initiatives
Cost Factors
Critical Success Factors
1 FTE for project management and coordination for
project duration
$170K to $220K for external assessment
Commitment from leadership, key stakeholders, and all
project participants will be required in order to achieve
schedule and budget requirements
Adequate budget and resources
Other cost factors to be determined based on results of
assessment
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 59
Address Security and Disaster Recovery
Scope and Objectives
Address information security and disaster recovery for SFPD information technology
Ensure that security considerations for the IT infrastructure are satisfied, including governance, administration and
management of security and disaster recovery
Sponsor/Execution Responsibilities
Sponsor: SFPD Senior Leadership
Project Manager: TBD
Time Frame
Describe Time Frame: 6 Months
Key Activities
Create chief information security officer (CISO) role that would be accountable and have overall responsibility for
Information Security and Disaster Recovery for SFPD. (This role could potentially be subsumed in current staffing.
Important consideration is single point for accountability.)
Create information security policy and procedures and ensure compliance
Commission risk assessment and business impact analysis (BIA) for disaster recovery
Determine DR plan and strategy
Implement DR Plan
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 60
Address Security and Disaster Recovery
Organization Implications
Coordination of team members representing multiple disciplines, technologies and functions will be required in order to
build a team that will function as a cohesive unit
Sourcing of risk assessment and business impact analysis must be considered. Use of 3 rd party for DR testing and failover must also be considered.
Each station or major SFPD location should have Information Security Officer (ISO) function
DR must be considered when performing new project implementations or developing new IT initiatives
Security for the desktops should be managed and administered centrally in order to ensure consistently of operation
Good hardware and software configuration management and change control procedures and tools will be required to
maximize system availability and minimize disruption
Technology Considerations
System backup and recovery will need to be addressed for all servers and desktop computers
Location and handling of backup media to be used for system recovery
Technology utilized for disaster recovery should be determined by ability to meet validated Recovery Time Objectives
(RTOs) as established by a BIA.
Location/placement of primary and backup data center locations
Amount of available network bandwidth between primary and backup sites
3rd party options for DR
Use of automated notification system during disaster situation
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 61
Address Security and Disaster Recovery
Risk Factors
Mitigating Factors
Potential for suboptimal coordination between multiple
resources from different organizations or technical
disciplines
Integration of DR and Security with design and
implementation of IT initiatives
Potential for insufficient network bandwidth or other
resources to meet RTO requirements
Insufficient budget or personnel resources
Employ solid project management discipline
Ensure that security and disaster recovery initiatives are
adequately planned and funded
Cost Factors
Critical Success Factors
1 FTE allocation for ongoing security and disaster
recovery planning and implementation (as part of
recommended staffing)
External consulting for Risk Assessment & BIA: $150K to
$175K
Strong program and project governance required to
ensure success of this initiative
Commitment from leadership, key stakeholders, and all
project participants will be required for success
Adequate budget and resources
Funding for backup site: TBD based on results of BIA
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 62
IT Service Delivery and Governance
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 63
Enhance IT Service Delivery Capabilities
Scope and Objectives
Provide enhanced and responsive support for IT services needs including project management, desktop support,
management reporting, functional requirements definition, and vendor/supplier management.
Ensure agility to address changing department/operational needs, including partner agency and City requirements.
Meet mission-critical and day-to-day IT operational requirements while providing for capabilities to upgrade
department’s strategic IT capabilities.
Ensure Department ability to attract and retain IT professionals, provide for growth opportunities, and sustain highlevel of IT performance.
Sponsor/Execution Responsibilities
Sponsor: Chief Keohane
Project Manager: TBD
Time Frame
Twelve to 24 Months
Key Activities
Develop detailed program plan to transform IT service delivery capabilities. Two-year program plan should encompass phasing of
the activities included below.
Establish a Department chief information officer position focused on strategic IT leadership, including coordination with DTIS,
vendor/supplier management, IT investment and portfolio management, IT procurement, and security and disaster recovery.
Establish three (3) business/systems analyst positions to support report writing, crime analysis, and management/decision support
reporting.
Augment current desktop and server resources with four additional staff.
Further clarify and document roles and responsibilities for IT staff, and define plan for continuing to leverage sworn officers in key
IT-related roles. Need to ensure that institutional knowledge on systems and projects is preserved.
Develop IT project management capabilities through use of external resources and mentoring of internal resources. A project
manager role should be defined.
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 64
Enhance IT Service Delivery Capabilities
Key Activities (Continued)
Monitor desktop and local area network administration functions closely – these may need to transition to other IT
service providers that can provide “bench strength,” e.g., DTIS (assuming 3-year transformation is complete) or
externally sourced desktop services (e.g., for installation, refresh, and moves, adds, and changes - MACs).
Establish service descriptions and service level objectives with DTIS on their enterprise-wide services, e.g., wide area
network support; application hosting support for CABLE and HRMS; 911 Help Desk.
Since 911 Help Desk is a shared function among public safety departments, need to coordinate discussions with DEM
and SF Fire regarding enhancing help desk services beyond “in-take” and “dispatch” of service tickets.
Build IT service delivery capabilities initially through use of trusted external service providers – in order to address inprogress initiatives and day-to-day operational needs.
Guiding Principles
SFPD core mission and strategy is in public safety and preservation of human life – not IT service delivery.
Information technology is viewed a strategic asset to “win the race” – i.e., operational enablement (vs. utility function).
Strong and sustainable IT leadership for SFPD is essential in order to meet its IT strategic vision.
Focusing on IT “business enablement” functions (i.e., “winning the race”) is key to sustainable IT services performance
and business value contribution.
To successfully provide these enablement functions, key IT service delivery staff need to be tightly integrated with
operational functions of the Department, i.e., having intimate knowledge of Department operational priorities and
requirements.
For sustainability and continuity, build IT services capability with civilian resources who know and have an interest in the
operational requirements of SFPD, and have sufficient background and education in IT.
Other IT service delivery staff – those performing infrastructure-related functions – could be externally sourced either
through DTIS or external service provider. Efficiencies and economies-of-scale could be gained by “sharing” or
centralizing these services. Also, the services are often available in the market place with distinct pricing structures.
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 65
Enhance IT Service Delivery Capabilities
Risk Factors
Mitigating Factors
Disruption in IT project and day-to-day operational
activities as result of low morale with current IT staff.
Potential lack of political and citywide support for
externally-sourced resources.
Buy-in and commitment from SFPD business unit
leaders.
Attracting and retaining IT professionals.
Limited pool of City and County of San Francisco
resources from which to draw qualified candidates.
“We/them” culture as result of sworn vs. civilian IT staff.
Address organization change management needs,
including communicating key objectives and guiding
principles for the initiative throughout Department, and
with other City stakeholders (e.g., DTIS)
Ensure common understanding of program plan,
milestones, and schedule as this is projected to be a
twenty four (24)-month process.
Focus recruitment on behavioral and business
competencies – technical competencies should be a
given.
Use Gartner and other industry best practices in
establishing service catalog and service level objectives
with DTIS.
Use Gartner and other industry resources to compare
compensation requirements.
Cost Factors
Critical Success Factors
Position classification based on SF City and County
structure for following:
─ Department CIO, (3) Systems/Business Analyst
─ Desktop, server, and local area network specialists
$250K to $350K external consulting assistance to provide
oversight, industry best practices guidance, organization
structure roles and responsibilities, compensation data,
and others.
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
Strong SFPD and City executive level support.
Human Resources department commitment to address
unique SFPD requirements.
Excellent organization change management and
communication.
Adequate budget and resources.
31 May 2007
Page 66
Establish IT Governance Program
Scope and Objectives
Provide enhanced and streamlined decision making capabilities pertaining to IT investments and resources,
vendor/supplier management, etc. resulting in cost-effective use and prioritization of scarce department budget.
More collaborative decision making processes pertaining to IT investments, including input from all business units,
e.g., field operations, support services, etc.
Improve monitoring and communications of IT projects and investments.
More transparent decision making processes leading to shorter timeframes to deploy and implement
recommendations/initiatives.
Sponsor/Execution Responsibilities
Sponsor: Chief Fong
Project Manager: TBD
Time Frame
Three to 6 Months
Key Activities
Develop detailed program plan to establish enhanced IT governance and decision making capabilities.
Establish a program manager responsible for planning, piloting, and finalizing governance process.
Revisit current and previous IT decision making processes – key successes and lessons learned.
Determine key decisions to be made – e.g., IT strategic investments, technical standards, resource priorities,
operational changes, etc.
Define governance charter including scope and decision rights, i.e., who needs to make decisions, who recommends
decisions, who has input rights, and who should be informed.
Establish governance bodies needed with appropriate representatives.
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 67
Establish IT Governance Program
Key Activities (Continued)
Pilot IT governance processes for three months, including ensuring clarity on “owners” of key IT decisions.
Refine IT governance structure and processes as appropriate with clearly defined scope, roles and responsibilities.
Define processes for capturing progress of IT initiatives, as well as for effectively escalating issues to appropriate
governance bodies.
Fully deploy IT governance process and optimize on an ongoing basis.
Organization Implications
While IT governance processes often reflect the decision making style and culture of the organization, it should be
noted that the SFPD “chain of command” decision making structure for law enforcement and policing needs may
impede IT related decisions. Therefore, proactive definition of required IT decisions and decision rights is essential (for
example, not all IT decisions need “chain of command” sign-off).
Establish common business/operational goals for IT governance with Department management and leadership team
(for example, ensuring the prioritization, execution and benefits realization from IT-related investment projects). Without
these common goals, the value of the IT governance process is not realized.
Develop a common agenda that operational and administrative business unit leaders see as adding value but also
addresses IT concerns (for example, review and approval of key personnel assignments to critical projects).
Implementing effective IT governance requires defining IT governance as a decision-making process with well-defined
outputs, process steps and roles and responsibilities.
IT governance will be more successful on a sustained basis the more it can be integrated into the current Department
decision-making processes. Where additional steps, participants or components (for example, steering committees) are
required, the more they match the decision-making style and culture of the Department, the more likely IT governance
is to be successful.
Ensure that IT project goals are related to “winning the race” or "changing the race" — not just implementing technology
— and develop plans that share responsibility for outcomes between IT and the business/operational units.
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 68
Establish IT Governance Program
Risk Factors
Mitigating Factors
Time investment required from key decision makers is not
viewed as priority – delegates without decision making rights
are sent to IT governance discussions.
IT governance processes, including decision rights are not
practical or “right sized” for department needs.
Processes viewed as “overhead,” and do not get support from
Department business unit leaders and staff.
Decision making process is not congruent with Department
culture.
Address organization change management needs, including
communicating key goals for the initiative throughout
Department, and with other City stakeholders (e.g., DTIS)
Establish processes that are consistent with Department
culture, and ensure that decision rights, inputs, and outputs
are understood.
Develop IT principles and policies that define the role of IT in
the Department. Policies spell out what desirable behavior is
in the usage of IT and policies are the rules required to be
followed to reach a similar goal. They are the fundamental
building blocks of IT governance.
Organizations that can secure agreement about the role of IT
generally require simpler and more efficient governance
mechanisms.
Cost Factors
Critical Success Factors
Staff time invested in establishing governance charter, roles
and responsibilities – estimated to be 4 to 6 weeks.
$25K to $50K external consulting assistance to provide
oversight, best practices guidance, develop charters,
governance structure roles and responsibilities, and others.
Ongoing investment in time by Department leaders and
managers, as well as Department representatives.
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
Strong SFPD and City executive level support.
Buy-in from all business units to ensure representation of
decision makers to governance bodies.
Clearly defined decisions and decision criteria.
Ongoing re-fresh and evaluation of processes to optimize use
of executive and staff resources.
Strong IT leadership to link operational and investment
requirements to IT investment and resource/funding needs.
31 May 2007
Page 69
Records Management, Case
Management, Executive Information
System, Mobile Data Capabilities
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 70
Integrated Records Management and Case Management
Capabilities
Scope and Objectives
The scope of this initiative includes integrated capabilities to support various core mission functions including
incident reporting, reports and records management, investigations, case management, forensics, lab information
management, property and evidence, training, and other core functions.
This is envisioned to be an integrated system that supports the Departments operational and management needs
including electronic review and approval of incident reports, reporting of key statistical information, interfaces for
geographic mapping and analysis, and storage and retrieval of digital photos, documents, and videos.
The key objective is to facilitate information sharing and overall Department operational effectiveness with the overall
goal of ensuring that the Department continues to achieve its core mission and objectives.
In addition, this initiative is will provide an integrated source of data, which crosses all bureaus as well as other
CCSF criminal justice agencies.
Sponsor/Execution Responsibilities
Sponsor: Deputy Chief Charles Keohane
Execution: Lt. Greg Yee
Time Frame
INITIATIVE IN PROGRESS
Time Frame: Three-year initiative
Key Activities
Infrastructure Upgrade, including desktop roll-out and network upgrade.
Design Review/Walk-through and Approval
Custom Development/Interface Development (e.g., interface to Tiburon CAD)
System Testing, including Integration Testing; Performance Testing; User Acceptance Testing.
End-User Training
Data Conversion
(see Master Project Plan for other Key Activities)
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 71
Integrated Records Management and Case Management
Capabilities
Organization Implications
This is an automated system that would impact the entire SFPD organization and beyond (e.g., partner agencies).
Change management including consistent communications is needed.
Changes in workflow, processes, and operational policies are critical considerations.
Ongoing training and training refresher courses are essential.
Multi-year effort requires solid end-to-end plan for completion, including staging or phasing of all capabilities.
As this is an in-progress initiative, need to re-evaluate original scope and objectives to ensure that all the operational
requirements from the IT strategic planning process have been assessed for potential inclusion in the overall scope of
the system capabilities.
Department practices will need to be revisited, for example, system currently requires 12 to 15 staff members to
manage the process for merging data from the field incident reporting module to the RMS.
Technology Considerations
Need to ensure that overall application and technical architecture provides for scalability and can interface/integrate
with current and future SFPD systems.
Requires desktops with minimum Windows XP operating system.
Sufficient data communications speed/bandwidth is required.
Planning effort is underway to address technical infrastructure considerations.
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 72
Integrated Records Management and Case Management
Capabilities
Risk Factors
Mitigating Factors
Insufficient project team resources
Conflicting operational priorities for end users (e.g.,
unable to participate in training)
Insufficient infrastructure (including network and desktop)
Inability to “sell” required organizational changes within
the Department.
Insufficient on-going resources to support the merging of
data from field incident reporting to RMS.
Assess current skills requirements and availability of
resources. Source externally as necessary.
Revisit project plan and governance to identify
communications and decision needs.
Continue to have strong executive sponsor, backed by
solid execution team.
Develop deployment readiness checklist and proactively
address resource and capacity issues.
Cost Factors
One-Time Only
$4M to $4.5M (encompasses RMS/CMS and LIMS
projected funding needs)
On-Going
NWS external services - $325K annually – contract for
years 2 to 5 ($1.3M annually; year 1 is warranty)
SFPD internal support - TBD
Hardware refresh – TBD
DTIS application hosting/data center operations – TBD
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
Critical Success Factors
Strong program and project governance required to
ensure success of this initiative.
Commitment from leadership, key stakeholders, and all
project participants will be required in order to achieve
schedule and budget requirements.
Adequate budget and resources.
Project Dependencies
Successful implementation of desktop upgrade initiative.
Successful implementation of network upgrade initiative.
31 May 2007
Page 73
Implement EIS
Scope and Objectives
The scope of the EIS is the following functionality: a) Investigations module for OCC complaints; MCD
Investigations, and EEOC complaints; b) Incident module for collection and analysis of data regarding Use of Force,
Officer Involved Shootings, Civil Suits, Tort Claims, Vehicle Accidents, Vehicle Pursuits & other associated data; c)
Early Intervention Interface/Module to provide a employees access to self-intervention status.
The objective of the EIS is to provide guidance to the Department to assist sworn personnel in overcoming
problems and improving performance before a potentially detrimental or dangerous situation develops.
Sponsor/Execution Responsibilities
Time Frame
Sponsor: Chief Heather Fong
Project Manager: Capt. Anna Brown
INITIATIVE IN PROGRESS
Vendor Selected; Contract Negotiations in Process
Implementation: (On Target/AIM Proposal) 3/1/07 to
11/12/07
Key Activities
Finalization of Contract
Procurement and Installation of EIS-required hardware.
Installation/Configuration/Customization of Software
Interface Development
Data Conversion
Business Process Review
Acceptance Testing
Training
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 74
Implement EIS
Organization Implications
Requires organizational changes related to the collection and analysis of data related to Early Intervention, such as Use
of Force Data, impacting entire organization (from field to administration).
Need to identify and budget resources to provide on-going support, including system administration; server
maintenance/back-up; report development (utilizing AIM report design tool), etc.
Technology Considerations
Integration/Interface via JUSTIS Hub with: PeopleSoft; New World RMS
Requires E-Mail for E-Mail Notification from Early Intervention Processing System.
Requires desktops with Windows 98 or higher (Windows XP recommended)
Sufficient network infrastructure
Per EIS RFP, the application must be compatible with Citrix environment. On Target has indicated in its proposal that
its application is certified as compatible with Citrix.
Requires high levels of security.
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 75
Implement EIS
Risk Factors
Mitigating Factors
Insufficient project team resources
Conflicting operational priorities for end users (e.g.,
unable to participate in training)
Insufficient infrastructure (including network and desktop)
Delayed roll-out of RMS
Delayed upgrade/re-implementation of Public Safety
PeopleSoft HRMS
Inability to “sell” required organizational changes within
the Dept.
Clearly defined responsibilities within contract.
Assess current skills requirements and availability of
resources. Source externally as necessary.
Revisit/establish project plan and governance to identify
communications and decision needs.
Continue to have strong executive sponsor, backed by
solid execution team.
Develop project readiness checklist and proactively
address resource and capacity issues.
Cost Factors
Critical Success Factors
One Time Costs
$1.1M to $1.5M
On-going Costs
$30,000 Annual Software Maintenance/Tech Support from vendor (5
years)
Other Maintenance Costs SFPD/DTIS (include hardware refresh;
application of service packs; etc.) $25K
Application Development - TBD
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
Strong program and project governance required to
ensure success of this initiative
Commitment from leadership, key stakeholders, and all
project participants will be required in order to achieve
schedule and budget requirements
Adequate budget and resources
Project Dependencies
Successful implementation of desktop upgrade initiative
Successful implementation of network initiative.
Successful implementation of NWS RMS.
Roll-out of E-mail to sergeant level and above
31 May 2007
Page 76
Increase Access to Data in Patrol Cars
Scope and Objectives
As part of the City’s 911 project in 1999, the SFPD upgraded its mobile computing capabilities. Officers currently
have access to dispatch and other vital information from their laptops in the patrol cars.
This initiative is focused on enhancing the officer’s ability to quickly retrieve essential information from the
Department and other law enforcement agency systems, including access to photos and other digital information that
is essential in quickly assessing situations and identifying individuals (e.g. persons of interest, notifications required).
Example requirements include: 1) single query - ability to run one name and access all databases, including RMS; 2)
access to department bulletins with wanted photos; 3) access to investigations data to identify “persons of interest” ;
4) warnings regarding location and addresses; 5) Cal-Photo (DMV)
Objective of this initiative is to maximize access by officers in the field to critical data, which can enhance officer
safety.
Sponsor/Execution Responsibilities
Sponsor: Deputy Chief David Shinn
Execution: TBD
Time Frame
Two to three-year effort
Key Activities
An overall program plan should be developed to encompass the activities below.
Develop more detailed functional and technical requirements.
Coordinate with Department of Emergency Management (DEM) and other City stakeholders for funding, and
implementing higher bandwidth and security for wireless data access from patrol cars (i.e., wireless data communication
infrastructure strategy and implementation is a huge dependency).
Ensure that current initiatives such as the JUSTIS project and RMS project allows for access from the field.
Determine Department practice and policy needs pertaining to access of other agencies’ data.
Determine procurement and implementation needs.
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 77
Increase Access to Data in Patrol Cars
Organization Implications
Reduces need for officers to return to stations in order to access data.
Need to identify and budget resources for on-going support.
Changes in Department practices and operational policies are critical considerations.
Ongoing training and training refresher courses are essential.
Multi-year effort requires solid end-to-end plan for completion, including staging or phasing of all capabilities.
Ensure that all the operational requirements from the IT strategic planning process have been assessed for potential
inclusion in the overall scope.
Technology Considerations
Requires wireless infrastructure that will provide bandwidth necessary for encrypted transmission of large volumes of
data.
Security and privacy requirements must be met per Department of Justice, for data being transmitted over wireless
networks
Need to determine implications of Level II implementation to enable access to multiple databases (ie. Level II
implementation may result in double encryption of data transmitted. Will this negatively impact application
performance?)
Upgrade to laptop devices, and mounting equipment should be part of evaluation.
Assess need for using personal digital assistants (PDAs) and other types of mobile devices.
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 78
Increase Access to Data in Patrol Cars
Risk Factors
Insufficient wireless infrastructure.
Delay in roll-out of RMS system.
Delay in roll-out of Level II.
Inability to maintain/support wireless infrastructure.
Mitigating Factors
Develop detailed implementation plan that encompasses
wireless network infrastructure.
Establish project governance that includes external
stakeholders such as DEM and DTIS as scope and
funding source may be broader.
Assess skills requirements and availability of resources.
Source externally as necessary.
Strong SFPD executive sponsor, backed by solid
execution team and citywide support.
Develop project readiness checklist and proactively
address resource and capacity issues.
Cost Factors
Critical Success Factors
One-Time Costs
$200K to $250K external consulting for planning
Strong program and project governance required to
ensure success of this initiative
Commitment from leadership, key stakeholders, and all
project participants will be required in order to achieve
schedule and budget requirements
Adequate budget and resources
Project Dependencies
High speed wireless networking with encryption.
$500K budgeted for in-car camera pilot
Additional costs TBD after pilots and detailed planning
are complete
On-Going Costs
TBD based on the results of further detailed planning
For internal use of City and County of San Francisco Police Department only.
Engagement: 221255031
© 2007 Gartner, Inc. and/or its affiliates. All rights reserved.
31 May 2007
Page 79
Contact Information
Gartner Contact
Irma J. Fabular
Vice President
Telephone: +1-619-542-4811
E mail: [email protected]